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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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earned patent temn adjustment. See 37 CFR 1.704(b). 
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2a)n This action is FINAL. 2b)S This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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4) K Claim(s) 1-32.35 and 36 is/are pending in the application. 
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5) 0 Claim(s) is/are allowed. 

6) S Claim{s) 1-32,35 and 36 is/are rejected. 

Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 
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Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121 (d). 
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application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Response to Arguments 

1 . Applicants canceled claims 33-34, added claims 35-36. The pending 
claims are 1-32 and 35-36. Applicant's arguments with respect to claims 1,11,16 and 
28 have been considered but are moot in view of the new ground{s) of rejection. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this Office 
action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this 
title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AlPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AlPA (pre-AlPA 35 U.S.C. 102(e)). 

3. Claims 1-10 and 28-32 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Bapat et al. [USP 6,236,996 B1]. 
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Regarding to claims 1 and 28, Bapat teaches a method and a computer program 
for controlling managed objects. As shown in FIG. 14, tables 310 and 320 as in FIG. 
1 1 A are stored in a conventional DBMS 280 (Col. 25, lines 49-50). Rows 31 1,312, 321 , 
322 of the tables 310, 320 contain management information for managed objects (Col. 
25, lines 60-61 ). The FDN operates as the primary key to the data stored in the table 
and to determine which managed objects that a particular user is permitted to access or 
modify (Col. 19, lines 36-40). Access control for a particular user on a particular 
managed object is defined by a permissions table (Col. 26, lines 10-12). As shown in 
FIGS. 15A and 15B, a permission entry 1502, 1504 is tuples having three fields, user 
name, object name and operation type. The object name is the FDN for a managed 
object (Col. 26, lines 28-33). As seen, the FDN is defined in the permission table as at 
least one expression associated with at least one record of said database. When a user 300 
issues an SQL command to access the DBMS 280 (Col. 22, lines 24-26, Col. 25, lines 
65-67), Access Control is enforced by evaluating FDN as at least one expression for said at 
least one record, and allowing access to said one record based on said evaluating o/FDN as 
at least one expression (Col. 27, line 45-Col. 28, line 26). 

Regarding to claim 2, Bapat teaches all the claimed subject matters as discussed 
in claim 1 , Bapat further discloses at least one expression is a calculation expression that 
can be evaluated at least partly based on a value of at least one field of said at least one record 
(Col. 26, lines 28-33). 
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Regarding to claim 3, Bapat teaches all the claimed subject matters as discussed 
in claim 1 , Bapat further discloses at least one expression is a calculation expression that 
can be evaluated at least partly based on at least one state variable of said database (Col. 26, 
lines 28-33). 

Regarding to claims 4 and 29, Bapat teaches all the claimed subject matters as 
discussed in claims 1 and 28, Bapat further discloses at least one expression can be 
defined based on fields and state variables of said database^ and wherein said evaluating 
operates to return only one of two possible values^ one of said possible values indicating that 
access to said at least one record should be granted^ and the other one of said possible values 
indicating that access to said at least one record should be denied (Col. 26, lines 28-33, Col. 
27, line 45-Col. 28, line 26). 

Regarding to claim 5, Bapat teaches all the claimed subject matters as discussed 
in claim 1 , Bapat further discloses evaluation is performed only when a request to access 
said at least one record has been received (Col. 25, line 65-Col. 26, line 7). 

Regarding to claim 6, Bapat teaches all the claimed subject matters as discussed 
in claim 1 , Bapat further discloses defining of said at least one expression defines access 
privileges for a user of said database with respect to accessing one or more records of said 
database (FIG. 15Aand B). 
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Regarding to claim 7, Bapat teaches all the claimed subject matters as discussed 
in claim 1 , Bapat further discloses defining of said at least one expression operates to define 
access privileges for a user of said database with respect to at least one operation that can be 
performed on one or more records of said database (FIG. 1 5A and B). 

Regarding to claim 8, Bapat teaches all the claimed subject matters as discussed 
in claim 1 , Bapat further discloses defining of said expression defines access privileges for 
at least one user of said database with respect to access to one or more records in said 
database^ and wherein said defining of said expression operates to define access privileges 
with respect to at least one operation that may be requested to be performed by said at least 
one user on one or more records of said database (FIG. 1 5A and B). 

Regarding to claims 9 and 31 , Bapat teaches all the claimed subject matters as 
discussed in claims 8 and 28, Bapat further discloses at least one user is assigned a 
password that is associated with said expression (FIG. 1 5A and B). 

Regarding to claims 10 and 32, Bapat teaches all the claimed subject matters as 
discussed in claims 1 and 28, Bapat further discloses access to said at least one record can 
be for browsing, editing, or deleting of said at least one record (FIG. 1 5A and B). 
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Regarding to claim 30, Bapat teaches all the claim subject matters as discussed 
in claim 28, Bapat further discloses defining of said expression is made to define access 
privileges of at least one user of said database with respect to access to one or more records of 
said database, and wherein said defining of said expression operates to define access privileges 
with respect to at least one operation that may be requested to be performed by said at least 
one user on one or more records of said database (FIG. 1 5A and B). 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 

all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 

the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 

the various claims was commonly owned at the time any inventions covered therein 

were made absent any evidence to the contrary. Applicant is advised of the obligation 

under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 

not commonly owned at the time a later invention was made in order for the examiner to 

consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f)or(g) 

prior art under 35 U.S.C. 103(a). 
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5. Claims 16-18, 23-26 and 35-36 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Bapat et al. [USP 6,236,996 B1] in view of Applicant 
Admitted Prior Art [Background Of The Invention, pages 1-3], 

Regarding to claim 16, Bapat teaches a database system. As shown in FIG. 14 is 
a database having one or more records stored therein (Col. 25. lines 49-50 and 55-59). 
A call 440 to a create permissions procedure 442 as a database program is used to 
create the permissions tables as in FIG. 15 A-B (Col. 26, lines ^9'2^) to facilitate 
operations on said one or more records stored in said database, Bapat does not teach a 
Graphical User Interface is included and Graphical User Interface operates to facilitate 
defining access privileges with respect to said one or more records stored in said database. 
However, as disclosed in the background of the invention, to allow a user to more easily 
access and manage a database, a Graphical User Interface is included in the database 
program (Applicant Admitted Prior Art, pages 1-3). As disclosed by Bapat, the system 
administrator 302 creates the permissions tables prior to use of the DBMS 280 by end 
users. The system administrator 302 invokes a call 440 to the 

Create_Permissions_Tables 442 procedure of the DBMS 280 (Col. 26, lines 18- 
27). As seen, in order to facilitate the invoking of the call 440, a Graphical User Interface 
should be included in the database program. Therefore, it would have been obvious for 
one of ordinary skill in the art at the time the invention was made to include a Graphical 
User Interface as admitted in the background in order to have a friendly system to 
define access right for a user. 
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Regarding to claim 17. Bapat and Applicant Admitted Prior Art teaches all the 
claim subject matters as discussed in claim 16, Bapat further discloses Graphical User 
Interface operates to provide the ability for a user of said database to define an expression 
associated with at least one operation that may be requested to be performed by another user 
of said database on said one or more records stored in said database (FIG. 1 5 A-B, Col. 26, 
lines 18-50). 

Regarding to claim 18, Bapat and Applicant Admitted Prior Art teaches all the 
claim subject matters as discussed in claim 16, Bapat further discloses Graphical User 
Interface operates to provide the ability for a user to define said expression without requiring 
said user to write a programming script (Col. 26, lines 18-50). 

Regarding to claim 23, Bapat and Applicant Admitted Prior Art teaches all the 
claim subject matters as discussed in claim 16, Bapat further discloses database program 
operates to determine whether access to at least one of said one or more records should be 
granted or denied {Col 27, line 45-Col. 28, line 26). 

Regarding to claim 24, Bapat and Applicant Admitted Prior Art teaches all the 
claim subject matters as discussed in claim 23, Bapat further discloses the step of 
determining of whether access to said at least one record should be granted or denied is 
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performed by evaluating a calculation expression for said at least one of said one record (Col. 
27. line 45-Col. 28, line 26). 

Regarding to claim 25, Bapat and Applicant Admitted Prior Art teaches all the 
claim subject matters as discussed in claim 24, Bapat further discloses access to said at 
least one record is granted only when said determining determines that access should be 
granted, and wherein access to said at least one record is denied when said determining 
determines that access should be denied for said record (Col. 27, line 45-Col. 28, line 26). 

Regarding to claim 26, Bapat and Applicant Admitted Prior Art teaches all the 
claim subject matters as discussed in claim 24, Bapat further discloses access to said at 
least one record can be for browsing, editing, or deleting of said record (FIG. 1 5A). 

Regarding to claim 35, Bapat teaches a database program. As shown in FIG. 14 
is a database having one or more records stored therein (Col. 25, lines 49-50 and 55- 
59). A call 440 to a create permissions procedure 442 as a database program is used to 
create the permissions tables as in FIG. 15 A-B (Col. 26, lines 19-21) to control 
operations on said one or more records stored in said database, and to defining access 
privilege for at least one record, based on an expression which is defined for said least one 
record, said expression defining access privilege for said at least one record which is stored or 
is to be created in said database, Bapat does not teach a Graphical User Interface is 
included to facilitate the database program. However, as disclosed in the background of 
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the invention, to allow a user to more easily access and manage a database, a 
Graphical User Interface is included in the database program (Applicant Admitted Prior 
Art, pages 1-3). As disclosed by Bapat, the system administrator 302 creates the 
permissions tables prior to use of the DBMS 280 by end users. The system 
administrator 302 invokes a call 440 to the Create_Pennissions_Tables 442 
procedure of the DBMS 280 (Col. 26, lines 18-27). As seen, in order to facilitate the 
invoking of the call 440, a Graphical User Interface should be included in the database 
program. Therefore, it would have been obvious for one of ordinary skill in the art at the 
time the invention was made to include a Graphical User Interface as admitted in the 
background in order to have a friendly system to define access right for a user. 

Regarding to claim 36, Bapat and Applicant Admitted Prior Art teaches all the 
claim subject matters as discussed in claim 35, Bapat further discloses database program 
further operates to evaluate said expression in order to determine whether access to said at 
least one record should be granted (Col. 27, line 45-Col. 28, line 26). 

6. Claims 11-15 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Bapat et al. [USP 6,236,996 B1] in view of Elmasri et al. 
[Fundamentals of Database System]. 

Regarding to claim 1 1 , Bapat teaches a method for controlling managed objects. 
As shown in FIG. 14, tables 310 and 320 as in FIG. 1 1A are stored in a conventional 
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DBMS 280 (Col. 25, lines 49-50). Rows 31 1,312, 321 , 322 of the tables 310, 320 
contain management information for managed objects (Col. 25, lines 60-61). The FDN 
operates as the primary key to the data stored in the table and to determine which 
managed objects that a particular user is permitted to access or modify (Col. 19, lines 
36-40). Access control for a particular user on a particular managed object is defined by 
a permissions table (Col. 26, lines 10-12). As shown in FIGS. 15A and 15B, a 
permission entry 1502, 1504 is tuples having three fields, user name, object name and 
operation type. The object name is the FDN for a managed object (Col. 26, lines 28-33). 
As seen, each permission entry is defined in the permission table as a calculation 
expression for a user name, said calculation expression defining access privileges of said one 
or more users with respect to at least one operation that may be requested to be performed by 
said one or more users on one or more records of said database. When a user 300 issues an 
SQL command to access the DBMS 280 (Col. 22, lines 24-26, Col. 25, lines 65-67) for 
the status of all routers in the network or for information about a specified list of 
managed objects (Col. 28, lines 27-30) as receiving a request to perform said at least one 
operation on one or more records of said database^ said request being identified as a request 
made by said one or more users associated with user name. Access Control is enforced by 
evaluating user name, object name and operation type as said calculation expression 
when said request has been received; said evaluation returning only one of two possible 
values, one of said possible values indicating that said at least one operation should be granted 
and another one of said possible values indicating that said at least one operation should be 
denied; granting said at least one operation to be performed when said evaluation returns one 
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said possible value to indicate that said at least one operation should be granted; and denying 
said at least one operation to be performed when said evaluation returns one said another 
possible value to indicate that said at least one operation should be denied (Col. 27, line 45- 
Col. 28, line 26). Elmasri teaches a method of protecting access to a database system 
by identifying a password that is associated with one or more users of said database (Elmasri, 
page 718). Therefore, it would have been obvious for one of ordinary skill in the art at 
the time the invention was made to modify the Bapat method by using a password to 
identify a user a taught by Elmasri in order to have a more secure database system. 

Regarding to claim 12, Bapat and Elmasri teaches all the claimed subject 
matters as discussed in claim 1 1 , Bapat further discloses at least one operation can be a 
browse, an edit, or a delete operation (FIG, 1 5A and B). 

Regarding to claim 13, Bapat and Elmasri teaches all the claim subject matters 
as discussed in claim 1 1 , Bapat further discloses calculation expression is not explicitly 
defined for said at least one operation but said calculation expression is one that has been 
defined for another operation which has been considered as a related operation to said at least 
one operation (FIG. 15A). 

Regarding to claim 14, Bapat and Elmasri teaches all the claim subject matters 
as discussed in claim 1 1 , Bapat further discloses calculation expression can be evaluated 
at least partly based on a value of at least one field of said at least one record, and wherein 
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said calculation expression can be evaluated at least partly based on at least one state variable 
of said database (Col. 26, lines 28-33). 

Regarding to claim 15, Bapat and Elmasri teaches all the claim subject matters 
as discussed in claim 14, Bapat further discloses the step oi granting temporary or 
limited access to said at least one record to allow said evaluating of said calculation expression 
(FIG. 15A). 

7. Claims 19-22 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Bapat et al. [USP 6,236,996 B1] In view of Applicant Admitted 
Prior Art [Background Of The Invention, pages 1 -3] and Elmasri et al. 
[Fundamentals of Database System]. 

Regarding to claim 19, Bapat and Applicant Admitted Prior Art teaches all the 
claim subject matters as discussed in claim 16, Bapat fails to teach Graphical User 
Interface provides a window that allows a user to interact with said Graphical User Interface 
to identify a password for which access privileges may be defined or re-defined. Elmasri 
teaches a method of protecting access to a database system by identifying a password 
that is associated with one or more users of said database (Elmasri, page 718). In the 
teaching of creating the permission table (Col. 26, lines 16-50), a Graphical User 
Interface provides a window is implied. In FIG. 15A, a user name is identified by system 
administrator and the user access right is mapped to the table by 
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Create_Permissions_Tahles procedure. Therefore, it would have been obvious for 
one of ordinary skill in the art at the time the invention was made to modify the Bapat 
and Applicant Admitted Prior Art method by using a Graphical User Interface to identify 
a password instead of user name in order to define access privilege for a user. 

Regarding to claim 20. Bapat, Applicant Admitted Prior Art and Elmasri teaches 
all the claim subject matters as discussed in claim 19, Bapat further discloses Graphical 
User Interface further provides a window that allows a user to specify a calculation expression 
which defines access privileges with respect to at least one operation that may be requested to 
be performed on said one or more records (Col. 26, lines 28-33). 

Regarding to claim 21 , Bapat, Applicant Admitted Prior Art and Elmasri teaches 
all the claim subject matters as discussed in claim 20, Bapat further discloses at least 
one operation can be a browse^ edit, or a delete operation (FIG. 1 5A). 

Regarding to claim 22, Bapat, Applicant Admitted Prior Art and Elmasri teaches 
all the claim subject matters as discussed in claim 20, Bapat further discloses 
calculation expression can be evaluated at least partly based on a value in at least one field of 
said one or more records of said database^ and wherein said calculation expression can be 
evaluated at least partly based on at least one state variable of said database (Col. 26, lines 
28-33). 
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8. Claim 27 is rejected under 35 U.S.C. 103(a) as being unpatentable 
over Bapat et al. [USP 6,236,996 B1] in view of Applicant Admitted Prior Art 
[Background Of The Invention, pages 1-3] and Gorelik et al. [USP 6,651,067 B1]. 

Regarding to claim 27, Bapat and Applicant Admitted Prior Art teaches all the 
claimed subject matters as discussed in claim 24, but fails to disclose the database 
further comprises a cache, and wherein said cache operates to store an evaluated result of at 
least one calculation expression. Gorelik teaches a database comprises a cache, and 
cache operates to store an evaluated result (Gorelik, FIG. 3). Therefore, it would have 
been obvious for one of ordinary skill in the art at the time the invention was made to 
modify the Bapat and Applicant Admitted Prior Art system by including a cache and 
store the result in cache as taught by Gorelik in order to speed up the retrieval process. 

Conclusion 

9. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to HUNG Q PHAM whose telephone number is 703- 
605-4242. The examiner can normally be reached on Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supen/isor, JOHN E BREENE can be reached on 703-305-9790. The fax phone 
number for the organization where this application or proceeding is assigned is (703) 
872-9306. 
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Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 

Examiner Hung Pham 
December 15, 2003 




